This Privacy Policy describes how CREI — operating the Logyc business simulation and decision intelligence platform ("Logyc," "Platform," "we," "us," or "our") — collects, uses, shares, and protects personal and enterprise information when you access or use the Platform or visit logyc.com.
The Logyc Platform is a product of CREI — Capital Returns & Equity Intelligence™ — a DBA of a registered Oregon limited liability company. All CREI privacy practices, policies, and legal commitments apply in full to the Platform. The complete CREI Privacy Policy — which governs the collection of personal information, user rights under CCPA/CPRA, GDPR, and Oregon law, cookie practices, and data protection measures — is available at crei.com/terms.html and is incorporated into this policy by reference.
This policy supplements the CREI Privacy Policy with Logyc-specific provisions relating to enterprise data, simulation inputs and outputs, and AI model usage.
"We do not sell your personal information or your enterprise data. We do not use your enterprise data to train general AI models without your explicit written consent."
When you interact with the Platform, request access, or engage with CREI, we may collect:
When you visit the Platform, we and our service providers automatically collect:
We use the following third-party analytics services. Each operates under its own privacy policy:
Additional analytics, marketing, or performance tools may be implemented. Any such additions will be reflected in updates to this policy.
"Enterprise Data" means any business information, operational data, financial data, organizational data, model inputs, assumptions, and related materials that you or your organization upload, transmit, or otherwise provide to the Platform for the purpose of modeling, simulation, or analysis.
You retain full ownership of your Enterprise Data. By providing Enterprise Data to the Platform, you grant CREI a limited, non-exclusive license to process and store that data solely to deliver the Platform's services to you. This license terminates upon termination or expiration of your engagement, subject to applicable data retention obligations.
CREI treats your Enterprise Data as confidential information. We implement appropriate administrative, technical, and physical safeguards to protect it from unauthorized access, disclosure, alteration, or destruction. Enterprise Data will not be disclosed to third parties except as required to deliver Platform services, as required by law, or as expressly authorized by you.
CREI will not use your Enterprise Data to train, fine-tune, benchmark, or otherwise improve general-purpose AI models, algorithms, or platform capabilities without your explicit written consent. Aggregated or fully de-identified data may be used for platform improvement purposes, provided no re-identification is reasonably possible.
Analyses, simulation results, scenario outputs, and recommendations generated by the Platform from your Enterprise Data ("Outputs") are produced for your internal use. Outputs are governed by the data you provide and CREI's modeling methodologies. CREI does not independently verify the accuracy of Enterprise Data provided by users.
The Platform is designed to operate with incomplete, imperfect, or partially structured data. Where data is missing, the Platform may identify gaps, estimate values, or incorporate expert input. Model outputs derived from incomplete data carry inherent uncertainty, which the Platform will endeavor to surface explicitly. Users are responsible for validating all outputs before acting on them.
We use the information we collect for the following purposes:
If you are located in the European Economic Area, United Kingdom, or Switzerland, we process your personal data under the following legal bases:
We do not sell your personal information or Enterprise Data. We may share information only in the following limited circumstances:
CREI is based in Portland, Oregon, United States. If you access the Platform from outside the United States, your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction.
For transfers from the EEA, UK, or Switzerland, we rely on:
We retain personal information and Enterprise Data only for as long as necessary to fulfill the purposes described in this policy:
| Data Type | Retention Period |
|---|---|
| Contact and inquiry form data | Duration of business relationship + 3 years |
| Enterprise Data (Platform inputs) | Duration of engagement + 1 year, unless sooner deletion is requested |
| Platform Outputs and simulations | Duration of engagement + 1 year, unless sooner deletion is requested |
| Analytics data | 14–26 months (per Google Analytics settings) |
| Account and access data | Life of account + 3 years after closure |
| Marketing communication records | Until unsubscribe + suppression record retained indefinitely |
When data is no longer required, it will be securely deleted or anonymized in a manner that prevents re-identification.
Depending on your jurisdiction, you may have the following rights with respect to your personal data. To exercise any of these rights, contact us at andrew@crei.com. We will verify your identity before processing your request.
Request information about the personal data we hold about you.
Opt out of marketing communications at any time via the unsubscribe link or by contacting us.
Request deletion of your Enterprise Data from the Platform upon termination of your engagement.
Request a copy of your Enterprise Data in a structured, machine-readable format.
California residents have the right to know, delete, correct, opt out of the sale or sharing of personal information, limit use of sensitive personal information, and be free from discrimination for exercising these rights. We do not sell personal information. To exercise your rights, contact us at andrew@crei.com. We will respond within 45 days.
You have the rights of access, rectification, erasure, restriction of processing, data portability, and the right to object to processing based on legitimate interests. You may also withdraw consent at any time and lodge a complaint with your local supervisory authority. We will respond within 30 days.
Under Oregon's consumer privacy laws, you have the right to access, correct, and delete personal data, and to opt out of targeted advertising, the sale of personal data, and profiling in furtherance of legal or significant decisions. Contact us at andrew@crei.com to exercise these rights.
We respect the privacy rights of individuals worldwide. If you are located in a jurisdiction with specific data protection rights (including Brazil under the LGPD, Canada under PIPEDA, Australia under the Privacy Act, or other applicable laws), please contact us to exercise any applicable rights.
We honor Global Privacy Control (GPC) signals as valid opt-out requests under the CCPA/CPRA and other applicable laws. If your browser transmits a GPC signal, we treat it as a request to opt out of the sale or sharing of personal information.
The Logyc Platform and website use cookies and similar tracking technologies. The full Cookie Policy, including categories of cookies, consent mechanisms, and opt-out procedures, is available in the CREI Terms at crei.com/terms.html.
In summary, we use:
You may manage cookie preferences through your browser settings or the consent mechanism provided on the site. For EEA, UK, and Swiss visitors, non-essential cookies require your affirmative consent before placement.
To opt out of Google Analytics tracking, you may install the Google Analytics Opt-Out Browser Add-on.
We implement reasonable and appropriate administrative, technical, and physical security measures designed to protect personal information and Enterprise Data against unauthorized access, disclosure, alteration, loss, or destruction. Measures include encryption of data in transit (TLS/SSL), role-based access controls, regular security assessments, and vendor security reviews.
However, no method of transmission over the internet or electronic storage system is completely secure. While we take data security seriously and strive to protect your information, we cannot guarantee absolute security. In the event of a data breach that is likely to result in significant harm to affected individuals, we will notify affected parties and relevant authorities as required by applicable law.
The Platform is not directed to individuals under the age of 18 and is intended solely for professional and enterprise use. We do not knowingly collect personal information from anyone under 18. If we become aware that we have inadvertently collected information from a minor, we will take immediate steps to delete it. If you believe a minor has provided information to us, please contact us at andrew@crei.com.
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, platform capabilities, or other factors. Changes will be posted on this page with an updated effective date. For material changes, we will provide prominent notice on the Platform or by email where applicable.
Your continued use of the Platform after the effective date of any revision constitutes your acceptance of the updated policy. If you do not agree with a material change, you should discontinue use of the Platform and contact us to request deletion of your data.
For all privacy-related inquiries, data subject requests, or complaints regarding the Logyc Platform:
CREI — Privacy Inquiries
A DBA of a registered Oregon limited liability company
4949 South Landing Drive, Unit 721
Portland, Oregon 97239
Email: andrew@crei.com
GDPR response time: 30 days · CCPA/CPRA response time: 45 days
Full CREI policy: crei.com/terms.html